You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Alertmanager is being configured.
*string
false
version
Version the cluster should be on.
string
false
tag
Tag of Alertmanager container image to be deployed. Defaults to the value of version. Version is ignored if Tag is set. Deprecated: use 'image' instead. The image tag can be specified as part of the image URL.
string
false
sha
SHA of Alertmanager container image to be deployed. Defaults to the value of version. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use 'image' instead. The image digest can be specified as part of the image URL.
string
false
baseImage
Base image that is used to deploy pods, without tag. Deprecated: use 'image' instead
Secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. The Secrets are mounted into /etc/alertmanager/secrets/.
[]string
false
configMaps
ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. The ConfigMaps are mounted into /etc/alertmanager/configmaps/.
[]string
false
configSecret
ConfigSecret is the name of a Kubernetes Secret in the same namespace as the Alertmanager object, which contains configuration for this Alertmanager instance. Defaults to 'alertmanager-' The secret is mounted into /etc/alertmanager/config.
string
false
logLevel
Log level for Alertmanager to be configured with.
string
false
logFormat
Log format for Alertmanager to be configured with.
string
false
replicas
Size is the expected size of the alertmanager cluster. The controller will eventually make the size of the running cluster equal to the expected size.
*int32
false
retention
Time duration Alertmanager shall retain data for. Default is '120h', and must match the regular expression [0-9]+(ms|s|m|h) (milliseconds seconds minutes hours).
string
false
storage
Storage is the definition of how storage will be used by the Alertmanager instances.
Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
[]v1.Volume
false
volumeMounts
VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, that are generated as a result of StorageSpec objects.
[]v1.VolumeMount
false
externalUrl
The external URL the Alertmanager instances will be available under. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name.
string
false
routePrefix
The route prefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with kubectl proxy.
string
false
paused
If set to true all actions on the underlaying managed objects are not goint to be performed, except for delete actions.
bool
false
nodeSelector
Define which Nodes the Pods are scheduled on.
map[string]string
false
resources
Define resources requests and limits for single Pods.
If specified, the pod's topology spread constraints.
[]v1.TopologySpreadConstraint
false
securityContext
SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
*v1.PodSecurityContext
false
serviceAccountName
ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.
string
false
listenLocal
ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP. Note this is only for the Alertmanager UI, not the gossip communication.
bool
false
containers
Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an Alertmanager pod. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: alertmanager and config-reloader. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
[]v1.Container
false
initContainers
InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Alertmanager configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ Using initContainers for any use case other then secret fetching is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
[]v1.Container
false
priorityClassName
Priority class assigned to the Pods
string
false
additionalPeers
AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster.
[]string
false
clusterAdvertiseAddress
ClusterAdvertiseAddress is the explicit address to advertise in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. [1] RFC1918: https://tools.ietf.org/html/rfc1918
string
false
portName
Port name used for the pods and governing service. This defaults to web
string
false
forceEnableClusterMode
ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each.
bool
false
alertmanagerConfigSelector
AlertmanagerConfigs to be selected for to merge and configure Alertmanager with.
ArbitraryFSAccessThroughSMsConfig enables users to configure, whether a service monitor selected by the Prometheus instance is allowed to use arbitrary files on the file system of the Prometheus container. This is the case when e.g. a service monitor specifies a BearerTokenFile in an endpoint. A malicious user could create a service monitor selecting arbitrary secret files in the Prometheus container. Those secrets would then be sent with a scrape request by Prometheus to a malicious target. Denying the above would prevent the attack, users can instead use the BearerTokenSecret field.
EmbeddedObjectMetadata contains a subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta Only fields which are relevant to embedded resources are included.
Field
Description
Scheme
Required
name
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
string
false
labels
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
map[string]string
false
annotations
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
Endpoint defines a scrapeable endpoint serving Prometheus metrics.
Field
Description
Scheme
Required
port
Name of the service port this endpoint refers to. Mutually exclusive with targetPort.
string
false
targetPort
Name or number of the target port of the Pod behind the Service, the port must be specified with container port property. Mutually exclusive with port.
*intstr.IntOrString
false
path
HTTP path to scrape for metrics.
string
false
scheme
HTTP scheme to use for scraping.
string
false
params
Optional HTTP URL parameters
map[string][]string
false
interval
Interval at which metrics should be scraped
string
false
scrapeTimeout
Timeout after which the scrape is ended
string
false
tlsConfig
TLS configuration to use when scraping the endpoint
Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the service monitor and accessible by the Prometheus Operator.
Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the pod monitor and accessible by the Prometheus Operator.
PrometheusRuleExcludeConfig enables users to configure excluded PrometheusRule names and their namespaces to be ignored while enforcing namespace label for alerts and metrics.
Experimental PodMonitors to be selected for target discovery. Deprecated: if neither this nor serviceMonitorSelector are specified, configuration is unmanaged.
Tag of Prometheus container image to be deployed. Defaults to the value of version. Version is ignored if Tag is set. Deprecated: use 'image' instead. The image tag can be specified as part of the image URL.
string
false
sha
SHA of Prometheus container image to be deployed. Defaults to the value of version. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use 'image' instead. The image digest can be specified as part of the image URL.
string
false
paused
When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects.
bool
false
image
Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Prometheus is being configured.
*string
false
baseImage
Base image to use for a Prometheus deployment. Deprecated: use 'image' instead
Number of instances to deploy for a Prometheus deployment.
*int32
false
replicaExternalLabelName
Name of Prometheus external label used to denote replica name. Defaults to the value of prometheus_replica. External label will not be added when value is set to empty string (\"\").
*string
false
prometheusExternalLabelName
Name of Prometheus external label used to denote Prometheus instance name. Defaults to the value of prometheus. External label will not be added when value is set to empty string (\"\").
*string
false
retention
Time duration Prometheus shall retain data for. Default is '24h', and must match the regular expression [0-9]+(ms|s|m|h|d|w|y) (milliseconds seconds minutes hours days weeks years).
string
false
retentionSize
Maximum amount of disk space used by blocks.
string
false
disableCompaction
Disable prometheus compaction.
bool
false
walCompression
Enable compression of the write-ahead log using Snappy. This flag is only available in versions of Prometheus >= 2.11.0.
*bool
false
logLevel
Log level for Prometheus to be configured with.
string
false
logFormat
Log format for Prometheus to be configured with.
string
false
scrapeInterval
Interval between consecutive scrapes.
string
false
scrapeTimeout
Number of seconds to wait for target to respond before erroring.
The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager).
map[string]string
false
enableAdminAPI
Enable access to prometheus web admin API. Defaults to the value of false. WARNING: Enabling the admin APIs enables mutating endpoints, to delete data, shutdown Prometheus, and more. Enabling this should be done with care and the user is advised to add additional authentication authorization via a proxy to ensure only clients authorized to perform these actions can do so. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis
bool
false
externalUrl
The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name.
string
false
routePrefix
The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with kubectl proxy.
string
false
query
QuerySpec defines the query command line flags when starting Prometheus.
Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
[]v1.Volume
false
volumeMounts
VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the prometheus container, that are generated as a result of StorageSpec objects.
[]v1.VolumeMount
false
web
WebSpec defines the web command line flags when starting Prometheus.
A selector to select which PrometheusRules to mount for loading alerting/recording rules from. Until (excluding) Prometheus Operator v0.24.0 Prometheus Operator will migrate any legacy rule ConfigMaps to PrometheusRule custom resources selected by RuleSelector. Make sure it does not match any config maps that you do not want to be migrated.
ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.
string
false
secrets
Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. The Secrets are mounted into /etc/prometheus/secrets/.
[]string
false
configMaps
ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. The ConfigMaps are mounted into /etc/prometheus/configmaps/.
[]string
false
affinity
If specified, the pod's scheduling constraints.
*v1.Affinity
false
tolerations
If specified, the pod's tolerations.
[]v1.Toleration
false
topologySpreadConstraints
If specified, the pod's topology spread constraints.
[]v1.TopologySpreadConstraint
false
remoteWrite
If specified, the remote_write spec. This is an experimental feature, it may change in any upcoming release in a breaking way.
SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext.
*v1.PodSecurityContext
false
listenLocal
ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP.
bool
false
containers
Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a Prometheus pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: prometheus, config-reloader, and thanos-sidecar. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
[]v1.Container
false
initContainers
InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ Using initContainers for any use case other then secret fetching is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
[]v1.Container
false
additionalScrapeConfigs
AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade.
AdditionalAlertRelabelConfigs allows specifying a key of a Secret containing additional Prometheus alert relabel configurations. Alert relabel configurations specified are appended to the configurations generated by the Prometheus Operator. Alert relabel configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. As alert relabel configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible alert relabel configs are going to break Prometheus after the upgrade.
AdditionalAlertManagerConfigs allows specifying a key of a Secret containing additional Prometheus AlertManager configurations. AlertManager configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. As AlertManager configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade.
APIServerConfig allows specifying a host and auth methods to access apiserver. If left empty, Prometheus is assumed to run inside of the cluster and will discover API servers automatically and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
Thanos configuration allows configuring various aspects of a Prometheus server in a Thanos environment.\n\nThis section is experimental, it may change significantly without deprecation notice in any release.\n\nThis is experimental and may change significantly without backward compatibility in any release.
Port name used for the pods and governing service. This defaults to web
string
false
arbitraryFSAccessThroughSMs
ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files on the file system of the Prometheus container e.g. bearer token files.
OverrideHonorLabels if set to true overrides all user configured honor_labels. If HonorLabels is set in ServiceMonitor or PodMonitor to true, this overrides honor_labels to false.
bool
false
overrideHonorTimestamps
OverrideHonorTimestamps allows to globally enforce honoring timestamps in all scrape configs.
bool
false
ignoreNamespaceSelectors
IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from the podmonitor and servicemonitor configs, and they will only discover endpoints within their current namespace. Defaults to false.
bool
false
enforcedNamespaceLabel
EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created. The label value will always be the namespace of the object that is being created.
string
false
prometheusRulesExcludedFromEnforce
PrometheusRulesExcludedFromEnforce - list of prometheus rules to be excluded from enforcing of adding namespace labels. Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair
QueryLogFile specifies the file to which PromQL queries are logged. Note that this location must be writable, and can be persisted using an attached volume. Alternatively, the location can be set to a stdout location such as /dev/stdout to log querie information to the default Prometheus log stream. This is only available in versions of Prometheus >= 2.16.0. For more details, see the Prometheus docs (https://prometheus.io/docs/guides/query-log/)
string
false
enforcedSampleLimit
EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead.
*uint64
false
allowOverlappingBlocks
AllowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. This is still experimental in Prometheus so it may change in any upcoming release.
bool
false
enforcedTargetLimit
EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep overall number of targets under the desired limit. Note that if TargetLimit is higher that value will be taken instead.
QuerySpec defines the query command line flags when starting Prometheus.
Field
Description
Scheme
Required
lookbackDelta
The delta difference allowed for retrieving metrics during expression evaluations.
*string
false
maxConcurrency
Number of concurrent queries that can be run at once.
*int32
false
maxSamples
Maximum number of samples a single query can load into memory. Note that queries will fail if they would load more samples than this into memory, so this also limits the number of samples a query can return.
*int32
false
timeout
Maximum time a query may take before being aborted.
The source labels select values from existing labels. Their content is concatenated using the configured separator and matched against the configured regular expression for the replace, keep, and drop actions.
[]string
false
separator
Separator placed between concatenated source label values. default is ';'.
string
false
targetLabel
Label to which the resulting value is written in a replace action. It is mandatory for replace actions. Regex capture groups are available.
string
false
regex
Regular expression against which the extracted value is matched. Default is '(.*)'
string
false
modulus
Modulus to take of the hash of the source label values.
uint64
false
replacement
Replacement value against which a regex replace is performed if the regular expression matches. Regex capture groups are available. Default is '$1'
string
false
action
Action to perform based on regex matching. Default is 'replace'
RemoteReadSpec defines the remote_read configuration for prometheus.
Field
Description
Scheme
Required
url
The URL of the endpoint to send samples to.
string
true
name
The name of the remote read queue, must be unique if specified. The name is used in metrics and logging in order to differentiate read configurations. Only valid in Prometheus versions 2.15.0 and newer.
string
false
requiredMatchers
An optional list of equality matchers which have to be present in a selector to query the remote read endpoint.
map[string]string
false
remoteTimeout
Timeout for requests to the remote read endpoint.
string
false
readRecent
Whether reads should be made for queries for time ranges that the local storage should have complete data for.
RemoteWriteSpec defines the remote_write configuration for prometheus.
Field
Description
Scheme
Required
url
The URL of the endpoint to send samples to.
string
true
name
The name of the remote write queue, must be unique if specified. The name is used in metrics and logging in order to differentiate queues. Only valid in Prometheus versions 2.15.0 and newer.
string
false
remoteTimeout
Timeout for requests to the remote write endpoint.
StorageSpec defines the configured storage for a group Prometheus servers. If neither emptyDir nor volumeClaimTemplate is specified, then by default an EmptyDir will be used.
Field
Description
Scheme
Required
disableMountSubPath
Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. DisableMountSubPath allows to remove any subPath usage in volume mounts.
ThanosSpec defines parameters for a Prometheus server within a Thanos deployment.
Field
Description
Scheme
Required
image
Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Thanos is being configured.
*string
false
version
Version describes the version of Thanos to use.
*string
false
tag
Tag of Thanos sidecar container image to be deployed. Defaults to the value of version. Version is ignored if Tag is set. Deprecated: use 'image' instead. The image tag can be specified as part of the image URL.
*string
false
sha
SHA of Thanos container image to be deployed. Defaults to the value of version. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use 'image' instead. The image digest can be specified as part of the image URL.
*string
false
baseImage
Thanos base image if other than default. Deprecated: use 'image' instead
*string
false
resources
Resources defines the resource requirements for the Thanos sidecar. If not provided, no requests/limits will be set
GRPCServerTLSConfig configures the gRPC server from which Thanos Querier reads recorded rule data. Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. Maps to the '--grpc-server-tls-*' CLI args.
LogLevel for Thanos sidecar to be configured with.
string
false
logFormat
LogFormat for Thanos sidecar to be configured with.
string
false
minTime
MinTime for Thanos sidecar to be configured with. Option can be a constant time in RFC3339 format or time duration relative to current time, such as -1d or 2h45m. Valid duration units are ms, s, m, h, d, w, y.
Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
[]v1.Volume
false
objectStorageConfig
ObjectStorageConfig configures object storage in Thanos.
ListenLocal makes the Thanos ruler listen on loopback, so that it does not bind against the Pod IP.
bool
false
queryEndpoints
QueryEndpoints defines Thanos querier endpoints from which to query metrics. Maps to the --query flag of thanos ruler.
[]string
false
queryConfig
Define configuration for connecting to thanos query instances. If this is defined, the QueryEndpoints field will be ignored. Maps to the query.config CLI argument. Only available with thanos v0.11.0 and higher.
Define URLs to send alerts to Alertmanager. For Thanos v0.10.0 and higher, AlertManagersConfig should be used instead. Note: this field will be ignored if AlertManagersConfig is specified. Maps to the alertmanagers.url arg.
[]string
false
alertmanagersConfig
Define configuration for connecting to alertmanager. Only available with thanos v0.10.0 and higher. Maps to the alertmanagers.config arg.
EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created. The label value will always be the namespace of the object that is being created.
string
false
prometheusRulesExcludedFromEnforce
PrometheusRulesExcludedFromEnforce - list of Prometheus rules to be excluded from enforcing of adding namespace labels. Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair
Port name used for the pods and governing service. This defaults to web
string
false
evaluationInterval
Interval between consecutive evaluations.
string
false
retention
Time duration ThanosRuler shall retain data for. Default is '24h', and must match the regular expression [0-9]+(ms|s|m|h|d|w|y) (milliseconds seconds minutes hours days weeks years).
string
false
containers
Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a ThanosRuler pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: thanos-ruler and config-reloader. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
[]v1.Container
false
initContainers
InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the ThanosRuler configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ Using initContainers for any use case other then secret fetching is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.
[]v1.Container
false
tracingConfig
TracingConfig configures tracing in Thanos. This is an experimental feature, it may change in any upcoming release in a breaking way.
Labels configure the external label pairs to ThanosRuler. If not provided, default replica label thanos_ruler_replica will be added as a label and be dropped in alerts.
map[string]string
false
alertDropLabels
AlertDropLabels configure the label names which should be dropped in ThanosRuler alerts. If labels field is not provided, thanos_ruler_replica will be dropped in alerts by default.
[]string
false
externalPrefix
The external URL the Thanos Ruler instances will be available under. This is necessary to generate correct URLs. This is necessary if Thanos Ruler is not served from root of a DNS name.
string
false
routePrefix
The route prefix ThanosRuler registers HTTP handlers for. This allows thanos UI to be served on a sub-path.
string
false
grpcServerTlsConfig
GRPCServerTLSConfig configures the gRPC server from which Thanos Querier reads recorded rule data. Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. Maps to the '--grpc-server-tls-*' CLI args.